Skip to content

connect-github-actions-sql-db.md

Latest commit

 

History

History
226 lines (165 loc) · 7.19 KB

connect-github-actions-sql-db.md

File metadata and controls

226 lines (165 loc) · 7.19 KB
title Quickstart: Connect to database with GitHub Actions
description Use Azure SQL Database from a GitHub Actions workflow
author juliakm
ms.author jukullam
ms.reviewer wiassaf, mathoma
ms.date 08/05/2025
ms.service azure-sql-database
ms.subservice connect
ms.topic quickstart
ms.custom github-actions-azure, mode-other, devx-track-azurecli

Use GitHub Actions to connect to Azure SQL Database

[!INCLUDEappliesto-sqldb]

Get started with GitHub Actions by using a workflow to deploy database updates to Azure SQL Database.

Prerequisites

You need:

Workflow file overview

A GitHub Actions workflow is defined by a YAML (.yml) file in the /.github/workflows/ path in your repository. This file has the steps and parameters that make up the workflow.

The file has two sections:

Section Tasks
Authentication 1. Generate deployment credentials.
Deploy 2. Deploy the database.

Generate deployment credentials

[!INCLUDE include]

Copy the SQL connection string

In the Azure portal, go to your Azure SQL Database and open Settings > Connection strings. Copy the ADO.NET connection string. Replace the placeholder values for your_database and your_password.

You'll set the connection string as a GitHub secret, AZURE_SQL_CONNECTION_STRING.

Configure the GitHub secrets

[!INCLUDE include]

Add the SQL connection string secret

  1. In GitHub, go to your repository.

  2. Go to Settings in the navigation menu.

  3. Select Security > Secrets and variables > Actions.

  4. Select New repository secret.

  5. Paste your SQL connection string. Give the secret the name AZURE_SQL_CONNECTION_STRING.

  6. Select Add secret.

Add your workflow

  1. Go to Actions for your GitHub repository.

  2. Select Set up your workflow yourself.

  3. Delete everything after the on: section of your workflow file. For example, your remaining workflow can look like this.

    name: SQL for GitHub Actions

on:
    push:
        branches: [ main ]
    pull_request:
        branches: [ main ]

  4. Rename your workflow SQL for GitHub Actions and add the checkout and login actions. These actions check out your site code and authenticate with Azure using the AZURE_CREDENTIALS GitHub secret you created earlier.

    OpenID Connect

        name: SQL for GitHub Actions
    
    on:
        push:
            branches: [ main ]
        pull_request:
            branches: [ main ]
    
    jobs:
        build:
            runs-on: windows-latest
            steps:
             - uses: actions/checkout@v1
             - uses: azure/login@v2
               with:
                client-id: ${{ secrets.AZURE_CLIENT_ID }}
                tenant-id: ${{ secrets.AZURE_TENANT_ID }}
                subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

    Service principal

    name: SQL for GitHub Actions

on:
    push:
        branches: [ main ]
    pull_request:
        branches: [ main ]

jobs:
    build:
        runs-on: windows-latest
        steps:
         - uses: actions/checkout@v1
         - uses: azure/login@v2
           with:
            creds: ${{ secrets.AZURE_CREDENTIALS }}

  1. Use the Azure SQL Deploy action to connect to your SQL instance. You should have a dacpac package (Database.dacpac) at the root level of your repository. Use the AZURE_SQL_CONNECTION_STRING GitHub secret you created earlier.

    - uses: azure/sql-action@v2.3
  with:
    connection-string: ${{ secrets.AZURE_SQL_CONNECTION_STRING }}
    path: './Database.dacpac'
    action: 'publish'

  2. Complete your workflow by adding an action to logout of Azure. Here's the completed workflow. The file appears in the .github/workflows folder of your repository.

    OpenID Connect

        name: SQL for GitHub Actions
    
    on:
        push:
            branches: [ main ]
        pull_request:
            branches: [ main ]
    
    jobs:
        build:
            runs-on: windows-latest
            steps:
             - uses: actions/checkout@v1
             - uses: azure/login@v2
               with:
                client-id: ${{ secrets.AZURE_CLIENT_ID }}
                tenant-id: ${{ secrets.AZURE_TENANT_ID }}
                subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
         - uses: azure/sql-action@v2.3
           with:
            connection-string: ${{ secrets.AZURE_SQL_CONNECTION_STRING }}
            path: './Database.dacpac'
            action: 'publish'

            # Azure logout 
             - name: logout
               run: |
                 az logout

    Service principal

    name: SQL for GitHub Actions

on:
    push:
        branches: [ main ]
    pull_request:
        branches: [ main ]

jobs:
    build:
        runs-on: windows-latest
        steps:
         - uses: actions/checkout@v1
         - uses: azure/login@v2
           with:
            creds: ${{ secrets.AZURE_CREDENTIALS }}
         - uses: azure/sql-action@v2.3
           with:
            connection-string: ${{ secrets.AZURE_SQL_CONNECTION_STRING }}
            path: './Database.dacpac'
            action: 'publish'

            # Azure logout 
         - name: logout
           run: |
              az logout

Review your deployment

  1. Go to Actions for your GitHub repository.

  2. Open the first result to see detailed logs of your workflow's run.

    :::image type="content" source="media/quickstart-sql-github-actions/github-actions-run-sql.png" alt-text="Log of GitHub actions run":::

Clean up resources

When your Azure SQL database and repository are no longer needed, clean up the resources you deployed by deleting the resource group and your GitHub repository.

Next steps

[!div class="nextstepaction"] Learn about Azure and GitHub integration